With computer and Internet use forming an ever greater part of day to day life, security exploits and cyber attacks directed to stealing and destroying computer resources, data, and private information are becoming an increasing problem. For example, “malware”, or malicious software, is a general term used to refer to a variety of forms of hostile or intrusive computer programs. Malware is, for example, used by cyber attackers to disrupt computer operations, to access and to steal sensitive information stored on the computer or provided to the computer by a user, or to perform other actions that are harmful to the computer and/or to the user of the computer. Malware may include computer viruses, worms, Trojan horses, ransomware, rootkits, keyloggers, spyware, adware, rogue security software, potentially unwanted programs (PUPs), potentially unwanted applications (PUAs), and other malicious programs. Malware may be formatted as executable files (e.g., COM or EXE files), dynamic link libraries (DLLs), scripts, macros or scripts embedded in document files, steganographic encodings within media files such as images, and/or other types of computer programs, or combinations thereof.
Malware authors or distributors (“adversaries”) frequently produce new variants of malware in attempts to evade detection by malware-detection or -removal tools. For example, adversaries may use various obfuscation techniques to change the contents of a malware file without changing its malicious function. Consequently, it is challenging to determine if a program is malware and, if so, to determine the harmful actions the malware performs without actually running the malware.